RESUMENEn este artículo de investigación se presenta un método para la formación de interesados (stakeholder) en la ejecución de proyectos de ingeniería. El método integra investigaciones recientes en las áreas de la educación en ingeniería y técnicas de inteligencia artificial. El método es modelado a través de un sistema tutorial inteligente, el cual permite hacer un seguimiento cognitivo del interesado y del desarrollo del proyecto. También se utiliza el razonamiento basado en casos para ofrecer alternativas de solución cuando el stakeholder encuentra dificultades en la adquisición de los conocimientos.Palabras clave: proyectos en ingeniería, interesados, elearning, planeación estratégica, entrenamiento de personal, inteligencia artificial.
Palabras Claves-Vulnerabilidades, OWASP, ataques web, PHP, programación segura, seguridad web.Abstract-Currently, most web applications contain security vulnerabilities. Probably, it is due to lack of culture of the developers or the absence of specific coding techniques. We analyzed certain works related, but we consider that they do not define detailed programming techniques, nor do they focus on a specific programming language. This work proposes a set of secure programming techniques to reduce vulnerabilities in web applications using the PHP. For this, ten vulnerabilities were determined using the OWASP TOP-10 recommendations. Then, the seven techniques are presented and their respective way of implementing them. The techniques are validated; the vulnerabilities of a web application are measured in two scenarios; with and without the implementation of the proposed techniques. The results show that the use of the proposed techniques is significantly related to the number of vulnerabilities found and therefore improves the level of security of web applications.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.